本文整理汇总了PHP中Group::forget方法的典型用法代码示例。如果您正苦于以下问题:PHP Group::forget方法的具体用法?PHP Group::forget怎么用?PHP Group::forget使用的例子?那么, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在类Group的用法示例。
在下文中一共展示了Group::forget方法的13个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的PHP代码示例。
示例1: testSaveAndLoadGroup
public function testSaveAndLoadGroup()
{
$u = array();
for ($i = 0; $i < 5; $i++) {
$user = new User();
$user->setScenario('createUser');
$user->username = "uuuuu{$i}";
$user->title->value = 'Mr.';
$user->firstName = "Uuuuuu{$i}";
$user->lastName = "Uuuuuu{$i}son";
$user->setPassword("uuuuu{$i}");
$this->assertTrue($user->save());
$u[] = $user;
}
$a = new Group();
$a->name = 'AAA';
$this->assertTrue($a->save());
$this->assertEquals(0, $a->users->count());
$this->assertEquals(0, $a->groups->count());
$b = new Group();
$b->name = 'BBB';
$this->assertTrue($b->save());
$this->assertEquals(0, $b->users->count());
$this->assertEquals(0, $b->groups->count());
$a->users->add($u[0]);
$a->groups->add($b);
$this->assertTrue($a->save());
$this->assertEquals(1, $a->users->count());
$b->forget();
unset($b);
$a->forget();
unset($a);
}示例2: testPasswordExpiresPolicyRules
public function testPasswordExpiresPolicyRules()
{
$everyoneGroup = Group::getByName(Group::EVERYONE_GROUP_NAME);
$everyoneGroup->save();
$user = UserTestHelper::createBasicUser('Bobby');
$id = $user->id;
unset($user);
$user = User::getById($id);
$adapter = new UserGroupMembershipToViewAdapter($user);
$viewData = $adapter->getViewData();
$compareData = array($everyoneGroup->id => array('displayName' => 'Everyone', 'canRemoveFrom' => false));
$this->assertEquals($compareData, $viewData);
$a = new Group();
$a->name = 'AAA';
$this->assertTrue($a->save());
$a->users->add($user);
$this->assertTrue($a->save());
$user->forget();
$groupId = $a->id;
$a->forget();
unset($a);
$user = User::getById($id);
$adapter = new UserGroupMembershipToViewAdapter($user);
$viewData = $adapter->getViewData();
$compareData = array($everyoneGroup->id => array('displayName' => 'Everyone', 'canRemoveFrom' => false), $groupId => array('displayName' => 'AAA', 'canRemoveFrom' => true));
$this->assertEquals($compareData, $viewData);
$user->forget();
unset($user);
}示例3: testStrongerIntegerNotSavingAsInteger
public function testStrongerIntegerNotSavingAsInteger()
{
SecurityTestHelper::createSuperAdmin();
Yii::app()->user->userModel = User::getByUsername('super');
$user = UserTestHelper::createBasicUser('arrry');
$userId = $user->id;
$user2 = UserTestHelper::createBasicUser('brrry');
$user2Id = $user2->id;
$a = new Group();
$a->name = 'RRRRRA';
$this->assertTrue($a->save());
$a->users->add($user);
$a->users->add($user2);
$a->save();
$user->forget();
$user2->forget();
$a->forget();
unset($a);
unset($user);
unset($user2);
$a = Group::getByName('RRRRRA');
$data = PoliciesUtil::getAllModulePoliciesDataByPermitable($a);
$policiesForm = PoliciesFormUtil::makeFormFromPoliciesData($data);
$fakePost = array('UsersModule__POLICY_ENFORCE_STRONG_PASSWORDS' => '', 'UsersModule__POLICY_MINIMUM_PASSWORD_LENGTH__helper' => '1', 'UsersModule__POLICY_MINIMUM_PASSWORD_LENGTH' => '5', 'UsersModule__POLICY_MINIMUM_USERNAME_LENGTH__helper' => '1', 'UsersModule__POLICY_MINIMUM_USERNAME_LENGTH' => '5', 'UsersModule__POLICY_PASSWORD_EXPIRES' => '');
$validatedAndCastedPostData = PoliciesFormUtil::typeCastPostData($fakePost);
$policiesForm = PoliciesFormUtil::loadFormFromCastedPost($policiesForm, $validatedAndCastedPostData);
$this->assertTrue($policiesForm->validate());
$saved = PoliciesFormUtil::setPoliciesFromCastedPost($validatedAndCastedPostData, $a);
$this->assertTrue($saved);
$a->forget();
$user = User::getById($userId);
$user2 = User::getById($user2Id);
$data = PoliciesUtil::getAllModulePoliciesDataByPermitable($user);
$data = PoliciesUtil::getAllModulePoliciesDataByPermitable($user2);
$user->forget();
$user2->forget();
}示例4: testRegularUserControllerActionsWithElevationToModels
//.........这里部分代码省略.........
$this->resetPostArray();
$this->runControllerShouldResultInAccessFailureAndGetContent('meetings/default/edit');
$this->setGetArray(array('id' => $meeting->id));
$this->resetPostArray();
$this->runControllerShouldResultInAccessFailureAndGetContent('meetings/default/details');
$this->setGetArray(array('id' => $meeting->id));
$this->resetPostArray();
$this->runControllerShouldResultInAccessFailureAndGetContent('meetings/default/delete');
//give nobody access to both details and edit view
Yii::app()->user->userModel = $super;
$meeting->addPermissions($nobody, Permission::READ_WRITE_DELETE);
$this->assertTrue($meeting->save());
AllPermissionsOptimizationUtil::securableItemGivenPermissionsForUser($meeting, $nobody);
//Now nobodys, access to delete of meetings should not fail.
Yii::app()->user->userModel = $nobody;
$this->setGetArray(array('id' => $meeting->id));
$this->resetPostArray();
$this->runControllerWithRedirectExceptionAndGetContent('meetings/default/delete');
//create some roles
Yii::app()->user->userModel = $super;
$parentRole = new Role();
$parentRole->name = 'AAA';
$this->assertTrue($parentRole->save());
$childRole = new Role();
$childRole->name = 'BBB';
$this->assertTrue($childRole->save());
$userInParentRole = User::getByUsername('confused');
$userInChildRole = User::getByUsername('nobody');
$childRole->users->add($userInChildRole);
$this->assertTrue($childRole->save());
$parentRole->users->add($userInParentRole);
$parentRole->roles->add($childRole);
$this->assertTrue($parentRole->save());
$userInChildRole->forget();
$userInChildRole = User::getByUsername('nobody');
$userInParentRole->forget();
$userInParentRole = User::getByUsername('confused');
$parentRoleId = $parentRole->id;
$parentRole->forget();
$parentRole = Role::getById($parentRoleId);
$childRoleId = $childRole->id;
$childRole->forget();
$childRole = Role::getById($childRoleId);
//create account owned by super
$account2 = AccountTestHelper::createAccountByNameForOwner('AccountsParentRolePermission', $super);
//Test userInParentRole, access to details and edit should fail.
Yii::app()->user->userModel = $userInParentRole;
$this->setGetArray(array('id' => $account2->id));
$this->runControllerShouldResultInAccessFailureAndGetContent('accounts/default/details');
//give userInChildRole access to READ
Yii::app()->user->userModel = $super;
$account2->addPermissions($userInChildRole, Permission::READ);
$this->assertTrue($account2->save());
AllPermissionsOptimizationUtil::securableItemGivenReadPermissionsForUser($account2, $userInChildRole);
//Test userInChildRole, access to details should not fail.
Yii::app()->user->userModel = $userInChildRole;
$this->setGetArray(array('id' => $account2->id));
$this->runControllerWithNoExceptionsAndGetContent('accounts/default/details');
//Test userInParentRole, access to details should not fail.
Yii::app()->user->userModel = $userInParentRole;
$this->setGetArray(array('id' => $account2->id));
$this->runControllerWithNoExceptionsAndGetContent('accounts/default/details');
//create a meeting owned by super
$super = $this->logoutCurrentUserLoginNewUserAndGetByUsername('super');
$meeting2 = MeetingTestHelper::createMeetingWithOwnerAndRelatedAccount('meetingCreatedBySuperForRole', $super, $account2);
//Test userInChildRole, access to meetings details, edit and delete should fail.示例5: testRegularUserControllerActionsWithElevationToModels
/**
* @depends testRegularUserControllerActionsWithElevationToAccessAndCreate
*/
public function testRegularUserControllerActionsWithElevationToModels()
{
//Create project owned by user super.
$super = $this->logoutCurrentUserLoginNewUserAndGetByUsername('super');
$project = ProjectTestHelper::createProjectByNameForOwner('projectForElevationToModelTest', $super);
//Test nobody, access to edit and details should fail.
$nobody = $this->logoutCurrentUserLoginNewUserAndGetByUsername('nobody');
$this->runControllerWithNoExceptionsAndGetContent('projects/default/dashboardDetails');
$this->setGetArray(array('id' => $project->id));
$this->runControllerShouldResultInAccessFailureAndGetContent('projects/default/edit');
$this->setGetArray(array('id' => $project->id));
$this->runControllerShouldResultInAccessFailureAndGetContent('projects/default/details');
$this->setGetArray(array('id' => $project->id));
$this->runControllerShouldResultInAccessFailureAndGetContent('projects/default/delete');
//give nobody access to read
Yii::app()->user->userModel = $super;
$project->addPermissions($nobody, Permission::READ);
$this->assertTrue($project->save());
AllPermissionsOptimizationUtil::securableItemGivenReadPermissionsForUser($project, $nobody);
//Now the nobody user can access the details view.
Yii::app()->user->userModel = $nobody;
$this->setGetArray(array('id' => $project->id));
$this->runControllerWithNoExceptionsAndGetContent('projects/default/details');
//Test nobody, access to edit should fail.
$this->setGetArray(array('id' => $project->id));
$this->runControllerShouldResultInAccessFailureAndGetContent('projects/default/edit');
$this->setGetArray(array('id' => $project->id));
$this->runControllerShouldResultInAccessFailureAndGetContent('projects/default/delete');
$projectId = $project->id;
$project->forget();
$project = Project::getById($projectId);
//give nobody access to read and write
Yii::app()->user->userModel = $super;
$project->addPermissions($nobody, Permission::READ_WRITE_CHANGE_PERMISSIONS);
//TODO :Its wierd that giving opportunity errors
$this->assertTrue($project->save());
AllPermissionsOptimizationUtil::securableItemLostReadPermissionsForUser($project, $nobody);
AllPermissionsOptimizationUtil::securableItemGivenPermissionsForUser($project, $nobody);
//Now the nobody user should be able to access the edit view and still the details view.
Yii::app()->user->userModel = $nobody;
$this->setGetArray(array('id' => $project->id));
$this->runControllerWithNoExceptionsAndGetContent('projects/default/details');
$this->setGetArray(array('id' => $project->id));
$this->runControllerWithNoExceptionsAndGetContent('projects/default/edit');
$projectId = $project->id;
$project->forget();
$project = Project::getById($projectId);
//revoke nobody access to read
Yii::app()->user->userModel = $super;
$project->addPermissions($nobody, Permission::READ_WRITE_CHANGE_PERMISSIONS, Permission::DENY);
$this->assertTrue($project->save());
AllPermissionsOptimizationUtil::securableItemLostPermissionsForUser($project, $nobody);
//Test nobody, access to detail should fail.
Yii::app()->user->userModel = $nobody;
$this->setGetArray(array('id' => $project->id));
$this->runControllerShouldResultInAccessFailureAndGetContent('projects/default/details');
$this->setGetArray(array('id' => $project->id));
$this->runControllerShouldResultInAccessFailureAndGetContent('projects/default/edit');
//create some roles
Yii::app()->user->userModel = $super;
$parentRole = new Role();
$parentRole->name = 'AAA';
$this->assertTrue($parentRole->save());
$childRole = new Role();
$childRole->name = 'BBB';
$this->assertTrue($childRole->save());
$userInParentRole = User::getByUsername('confused');
$userInChildRole = User::getByUsername('nobody');
$childRole->users->add($userInChildRole);
$this->assertTrue($childRole->save());
$parentRole->users->add($userInParentRole);
$parentRole->roles->add($childRole);
$this->assertTrue($parentRole->save());
$userInChildRole->forget();
$userInChildRole = User::getByUsername('nobody');
$userInParentRole->forget();
$userInParentRole = User::getByUsername('confused');
$parentRoleId = $parentRole->id;
$parentRole->forget();
$parentRole = Role::getById($parentRoleId);
$childRoleId = $childRole->id;
$childRole->forget();
$childRole = Role::getById($childRoleId);
//create project owned by super
$project2 = ProjectTestHelper::createProjectByNameForOwner('testingParentRolePermission', $super);
//Test userInParentRole, access to details and edit should fail.
Yii::app()->user->userModel = $userInParentRole;
$this->setGetArray(array('id' => $project2->id));
$this->runControllerShouldResultInAccessFailureAndGetContent('projects/default/details');
$this->setGetArray(array('id' => $project2->id));
$this->runControllerShouldResultInAccessFailureAndGetContent('projects/default/edit');
//give userInChildRole access to READ
Yii::app()->user->userModel = $super;
$project2->addPermissions($userInChildRole, Permission::READ);
$this->assertTrue($project2->save());
AllPermissionsOptimizationUtil::securableItemGivenReadPermissionsForUser($project2, $userInChildRole);
//Test userInChildRole, access to details should not fail.
//.........这里部分代码省略.........
示例6: testRegularUserControllerActionsWithElevationToModels
/**
* @depends testRegularUserControllerActionsWithElevationToAccessAndCreate
*/
public function testRegularUserControllerActionsWithElevationToModels()
{
//Create contact web form owned by user super.
$super = $this->logoutCurrentUserLoginNewUserAndGetByUsername('super');
$contactWebForm = ContactWebFormTestHelper::createContactWebFormByName('contactWebFormForElevationToModelTest', $super);
//Test nobody, access to edit and details should fail.
$nobody = $this->logoutCurrentUserLoginNewUserAndGetByUsername('nobody');
$this->setGetArray(array('id' => $contactWebForm->id));
$this->runControllerShouldResultInAccessFailureAndGetContent('contactWebForms/default/edit');
$this->setGetArray(array('id' => $contactWebForm->id));
$this->runControllerShouldResultInAccessFailureAndGetContent('contactWebForms/default/details');
//give nobody access to read
Yii::app()->user->userModel = $super;
$contactWebForm->addPermissions($nobody, Permission::READ);
$this->assertTrue($contactWebForm->save());
AllPermissionsOptimizationUtil::securableItemGivenReadPermissionsForUser($contactWebForm, $nobody);
//Now the nobody user can access the details view.
Yii::app()->user->userModel = $nobody;
$this->setGetArray(array('id' => $contactWebForm->id));
$this->runControllerWithNoExceptionsAndGetContent('contactWebForms/default/details');
//Test nobody, access to edit should fail.
$this->setGetArray(array('id' => $contactWebForm->id));
$this->runControllerShouldResultInAccessFailureAndGetContent('contactWebForms/default/edit');
$contactWebFormId = $contactWebForm->id;
$contactWebForm->forget();
$contactWebForm = ContactWebForm::getById($contactWebFormId);
//give nobody access to read and write
Yii::app()->user->userModel = $super;
$contactWebForm->addPermissions($nobody, Permission::READ_WRITE_CHANGE_PERMISSIONS);
$this->assertTrue($contactWebForm->save());
AllPermissionsOptimizationUtil::securableItemLostReadPermissionsForUser($contactWebForm, $nobody);
AllPermissionsOptimizationUtil::securableItemGivenPermissionsForUser($contactWebForm, $nobody);
//Now the nobody user should be able to access the edit view and still the details view.
Yii::app()->user->userModel = $nobody;
$this->setGetArray(array('id' => $contactWebForm->id));
$this->runControllerWithNoExceptionsAndGetContent('contactWebForms/default/details');
$this->setGetArray(array('id' => $contactWebForm->id));
$this->runControllerWithNoExceptionsAndGetContent('contactWebForms/default/edit');
$contactWebFormId = $contactWebForm->id;
$contactWebForm->forget();
$contactWebForm = ContactWebForm::getById($contactWebFormId);
//revoke nobody access to read
Yii::app()->user->userModel = $super;
$contactWebForm->removePermissions($nobody, Permission::READ_WRITE_CHANGE_PERMISSIONS);
$this->assertTrue($contactWebForm->save());
AllPermissionsOptimizationUtil::securableItemLostReadPermissionsForUser($contactWebForm, $nobody);
//Test nobody, access to detail should fail.
Yii::app()->user->userModel = $nobody;
$this->setGetArray(array('id' => $contactWebForm->id));
$this->runControllerShouldResultInAccessFailureAndGetContent('contactWebForms/default/details');
$this->setGetArray(array('id' => $contactWebForm->id));
$this->runControllerShouldResultInAccessFailureAndGetContent('contactWebForms/default/edit');
//create some roles
Yii::app()->user->userModel = $super;
$parentRole = new Role();
$parentRole->name = 'AAA';
$this->assertTrue($parentRole->save());
$childRole = new Role();
$childRole->name = 'BBB';
$this->assertTrue($childRole->save());
$userInParentRole = User::getByUsername('confused');
$userInChildRole = User::getByUsername('nobody');
$childRole->users->add($userInChildRole);
$this->assertTrue($childRole->save());
$parentRole->users->add($userInParentRole);
$parentRole->roles->add($childRole);
$this->assertTrue($parentRole->save());
$userInChildRole->forget();
$userInChildRole = User::getByUsername('nobody');
$userInParentRole->forget();
$userInParentRole = User::getByUsername('confused');
$parentRoleId = $parentRole->id;
$parentRole->forget();
$parentRole = Role::getById($parentRoleId);
$childRoleId = $childRole->id;
$childRole->forget();
$childRole = Role::getById($childRoleId);
//create web form owned by super
$contactWebForm2 = ContactWebFormTestHelper::createContactWebFormByName('testingParentRolePermission', $super);
//Test userInParentRole, access to details and edit should fail.
Yii::app()->user->userModel = $userInParentRole;
$this->setGetArray(array('id' => $contactWebForm2->id));
$this->runControllerShouldResultInAccessFailureAndGetContent('contactWebForms/default/details');
$this->setGetArray(array('id' => $contactWebForm2->id));
$this->runControllerShouldResultInAccessFailureAndGetContent('contactWebForms/default/edit');
//give userInChildRole access to READ
Yii::app()->user->userModel = $super;
$contactWebForm2->addPermissions($userInChildRole, Permission::READ);
$this->assertTrue($contactWebForm2->save());
AllPermissionsOptimizationUtil::securableItemGivenReadPermissionsForUser($contactWebForm2, $userInChildRole);
//Test userInChildRole, access to details should not fail.
Yii::app()->user->userModel = $userInChildRole;
$this->setGetArray(array('id' => $contactWebForm2->id));
$this->runControllerWithNoExceptionsAndGetContent('contactWebForms/default/details');
//Test userInParentRole, access to details should not fail.
Yii::app()->user->userModel = $userInParentRole;
$this->setGetArray(array('id' => $contactWebForm2->id));
//.........这里部分代码省略.........
示例7: testRegularUserControllerActionsWithElevationToModels
/**
* @depends testRegularUserControllerActionsWithElevationToAccessAndCreate
*/
public function testRegularUserControllerActionsWithElevationToModels()
{
//Create lead owned by user super.
$super = $this->logoutCurrentUserLoginNewUserAndGetByUsername('super');
$lead = LeadTestHelper::createLeadByNameForOwner('leadForElevationToModelTest', $super);
//Test nobody, access to edit, details and delete should fail.
$nobody = $this->logoutCurrentUserLoginNewUserAndGetByUsername('nobody');
$this->setGetArray(array('id' => $lead->id));
$this->runControllerShouldResultInAccessFailureAndGetContent('leads/default/edit');
$this->setGetArray(array('id' => $lead->id));
$this->runControllerShouldResultInAccessFailureAndGetContent('leads/default/details');
$this->setGetArray(array('id' => $lead->id));
$this->runControllerShouldResultInAccessFailureAndGetContent('leads/default/delete');
//give nobody access to read
Yii::app()->user->userModel = $super;
$lead->addPermissions($nobody, Permission::READ);
$this->assertTrue($lead->save());
AllPermissionsOptimizationUtil::securableItemGivenReadPermissionsForUser($lead, $nobody);
//Now the nobody user can access the details view.
Yii::app()->user->userModel = $nobody;
$this->setGetArray(array('id' => $lead->id));
$this->runControllerWithNoExceptionsAndGetContent('leads/default/details');
//Test nobody, access to edit and delete should fail.
$this->setGetArray(array('id' => $lead->id));
$this->runControllerShouldResultInAccessFailureAndGetContent('leads/default/edit');
$this->setGetArray(array('id' => $lead->id));
$this->runControllerShouldResultInAccessFailureAndGetContent('leads/default/delete');
//give nobody access to read and write
Yii::app()->user->userModel = $super;
$lead->addPermissions($nobody, Permission::READ_WRITE_CHANGE_PERMISSIONS);
$this->assertTrue($lead->save());
AllPermissionsOptimizationUtil::securableItemLostReadPermissionsForUser($lead, $nobody);
AllPermissionsOptimizationUtil::securableItemGivenPermissionsForUser($lead, $nobody);
//Now the nobody user should be able to access the edit view and still the details view
Yii::app()->user->userModel = $nobody;
$this->setGetArray(array('id' => $lead->id));
$this->runControllerWithNoExceptionsAndGetContent('leads/default/details');
$this->setGetArray(array('id' => $lead->id));
$this->runControllerWithNoExceptionsAndGetContent('leads/default/edit');
//Test nobody, access to delete should fail.
$this->setGetArray(array('id' => $lead->id));
$this->runControllerShouldResultInAccessFailureAndGetContent('leads/default/delete');
//revoke nobody access to read
Yii::app()->user->userModel = $super;
$lead->removePermissions($nobody, Permission::READ_WRITE_CHANGE_PERMISSIONS);
$this->assertTrue($lead->save());
AllPermissionsOptimizationUtil::securableItemLostPermissionsForUser($lead, $nobody);
//Test nobody, access to detail, edit and delete should fail.
Yii::app()->user->userModel = $nobody;
$this->setGetArray(array('id' => $lead->id));
$this->runControllerShouldResultInAccessFailureAndGetContent('leads/default/details');
$this->setGetArray(array('id' => $lead->id));
$this->runControllerShouldResultInAccessFailureAndGetContent('leads/default/edit');
$this->setGetArray(array('id' => $lead->id));
$this->runControllerShouldResultInAccessFailureAndGetContent('leads/default/delete');
//give nobody access to read, write and delete
Yii::app()->user->userModel = $super;
$lead->addPermissions($nobody, Permission::READ_WRITE_DELETE);
$this->assertTrue($lead->save());
AllPermissionsOptimizationUtil::securableItemGivenPermissionsForUser($lead, $nobody);
//now nobody should be able to delete a lead
Yii::app()->user->userModel = $nobody;
$this->setGetArray(array('id' => $lead->id));
$this->resetPostArray();
$this->runControllerWithRedirectExceptionAndGetContent('leads/default/delete', Yii::app()->createUrl('leads/default/index'));
//create some roles
Yii::app()->user->userModel = $super;
$parentRole = new Role();
$parentRole->name = 'AAA';
$this->assertTrue($parentRole->save());
$childRole = new Role();
$childRole->name = 'BBB';
$this->assertTrue($childRole->save());
$userInParentRole = User::getByUsername('confused');
$userInChildRole = User::getByUsername('nobody');
$childRole->users->add($userInChildRole);
$this->assertTrue($childRole->save());
$parentRole->users->add($userInParentRole);
$parentRole->roles->add($childRole);
$this->assertTrue($parentRole->save());
$userInChildRole->forget();
$userInChildRole = User::getByUsername('nobody');
$userInParentRole->forget();
$userInParentRole = User::getByUsername('confused');
$parentRoleId = $parentRole->id;
$parentRole->forget();
$parentRole = Role::getById($parentRoleId);
$childRoleId = $childRole->id;
$childRole->forget();
$childRole = Role::getById($childRoleId);
//create lead owned by super
$lead2 = LeadTestHelper::createLeadByNameForOwner('leadsParentRolePermission', $super);
//Test userInChildRole, access to details, edit and delete should fail.
Yii::app()->user->userModel = $userInChildRole;
$this->setGetArray(array('id' => $lead2->id));
$this->runControllerShouldResultInAccessFailureAndGetContent('leads/default/details');
$this->setGetArray(array('id' => $lead2->id));
//.........这里部分代码省略.........
示例8: testARegularUserWhoCanAccessGroupsCanProperlyModifyModulePermission
/**
* Should not throw an exception AccessDeniedSecurityException
*/
public function testARegularUserWhoCanAccessGroupsCanProperlyModifyModulePermission()
{
$nobody = UserTestHelper::createBasicUser('nobody');
$nobody->setRight('GroupsModule', GroupsModule::RIGHT_ACCESS_GROUPS);
$nobody->setRight('GroupsModule', GroupsModule::RIGHT_CREATE_GROUPS);
$nobody->setRight('GroupsModule', GroupsModule::RIGHT_DELETE_GROUPS);
$this->assertTrue($nobody->save());
Yii::app()->user->userModel = $nobody;
$group = new Group();
$group->name = 'newGroup2';
$saved = $group->save();
$this->assertTrue($saved);
$group->forget();
$newItem = NamedSecurableItem::getByName('SomeModule');
$this->assertEquals(array(Permission::NONE, Permission::NONE), $newItem->getExplicitActualPermissions($group));
$newItem->forget();
$fakePost = array('SomeModule__' . Permission::CHANGE_PERMISSIONS => strval(Permission::ALLOW), 'SomeModule__' . Permission::CHANGE_OWNER => strval(Permission::ALLOW));
$validatedPost = ModulePermissionsFormUtil::typeCastPostData($fakePost);
$saved = ModulePermissionsFormUtil::setPermissionsFromCastedPost($validatedPost, $group);
$this->assertTrue($saved);
//Success, an exception was not thrown. AccessDeniedSecurityException
}示例9: testRegularUserControllerActionsWithElevationToModels
//.........这里部分代码省略.........
$this->runControllerShouldResultInAccessFailureAndGetContent('accounts/default/edit');
$this->setGetArray(array('id' => $account2->id));
$this->runControllerShouldResultInAccessFailureAndGetContent('accounts/default/delete');
//give userInChildRole access to read, write and delete
Yii::app()->user->userModel = $super;
$account2->addPermissions($userInChildRole, Permission::READ_WRITE_DELETE);
$this->assertTrue($account2->save());
//Test userInParentRole, access to delete should not fail.
Yii::app()->user->userModel = $userInParentRole;
$this->setGetArray(array('id' => $account2->id));
$this->resetPostArray();
$this->runControllerWithRedirectExceptionAndGetContent('accounts/default/delete', Yii::app()->createUrl('accounts/default/index'));
//clear up the role relationships between users so not to effect next assertions
$parentRole->users->remove($userInParentRole);
$parentRole->roles->remove($childRole);
$this->assertTrue($parentRole->save());
$childRole->users->remove($userInChildRole);
$this->assertTrue($childRole->save());
//create some groups and assign users to groups
Yii::app()->user->userModel = $super;
$parentGroup = new Group();
$parentGroup->name = 'AAA';
$this->assertTrue($parentGroup->save());
$childGroup = new Group();
$childGroup->name = 'BBB';
$this->assertTrue($childGroup->save());
$userInChildGroup = User::getByUsername('confused');
$userInParentGroup = User::getByUsername('nobody');
$childGroup->users->add($userInChildGroup);
$this->assertTrue($childGroup->save());
$parentGroup->users->add($userInParentGroup);
$parentGroup->groups->add($childGroup);
$this->assertTrue($parentGroup->save());
$parentGroup->forget();
$childGroup->forget();
$parentGroup = Group::getByName('AAA');
$childGroup = Group::getByName('BBB');
//Add access for the confused user to accounts and creation of accounts.
$userInChildGroup->setRight('AccountsModule', AccountsModule::RIGHT_ACCESS_ACCOUNTS);
$userInChildGroup->setRight('AccountsModule', AccountsModule::RIGHT_CREATE_ACCOUNTS);
$userInChildGroup->setRight('AccountsModule', AccountsModule::RIGHT_DELETE_ACCOUNTS);
$this->assertTrue($userInChildGroup->save());
//create account owned by super
$account3 = AccountTestHelper::createAccountByNameForOwner('testingAccountsParentGroupPermission', $super);
//Test userInParentGroup, access to details, edit and delete should fail.
Yii::app()->user->userModel = $userInParentGroup;
$this->setGetArray(array('id' => $account3->id));
$this->runControllerShouldResultInAccessFailureAndGetContent('accounts/default/details');
$this->setGetArray(array('id' => $account3->id));
$this->runControllerShouldResultInAccessFailureAndGetContent('accounts/default/edit');
$this->setGetArray(array('id' => $account3->id));
$this->runControllerShouldResultInAccessFailureAndGetContent('accounts/default/delete');
//Test userInChildGroup, access to details, edit and delete should fail.
Yii::app()->user->userModel = $userInChildGroup;
$this->setGetArray(array('id' => $account3->id));
$this->runControllerShouldResultInAccessFailureAndGetContent('accounts/default/details');
$this->setGetArray(array('id' => $account3->id));
$this->runControllerShouldResultInAccessFailureAndGetContent('accounts/default/edit');
$this->setGetArray(array('id' => $account3->id));
$this->runControllerShouldResultInAccessFailureAndGetContent('accounts/default/delete');
//give parentGroup access to READ
Yii::app()->user->userModel = $super;
$account3->addPermissions($parentGroup, Permission::READ);
$this->assertTrue($account3->save());
//Test userInParentGroup, access to details should not fail.
Yii::app()->user->userModel = $userInParentGroup;示例10: testGroupsWithParentGroup
/**
* @depends testSaveAndLoadGroup
*/
public function testGroupsWithParentGroup()
{
$a = Group::getByName('AAA');
$aId = $a->id;
$group = new Group();
$group->name = 'Child';
$group->group = $a;
$saved = $group->save();
$this->assertTrue($saved);
$group->forget();
unset($group);
$group = Group::getByName('Child');
$this->assertEquals('Child', $group->name);
$this->assertEquals($aId, $group->group->id);
unset($group);
unset($a);
RedBeanModel::forgetAll();
$a = Group::getByName('AAA');
$group = Group::getByName('Child');
$a->groups->remove($group);
$this->assertTrue($a->save());
}示例11: testGroupChangeOrDeleteScenario4
/**
* Test nested groups
*/
public function testGroupChangeOrDeleteScenario4()
{
$super = User::getByUsername('super');
Yii::app()->user->userModel = $super;
$job = new ReadPermissionSubscriptionUpdateForAccountJob();
$jobBasedOnBuildTable = new ReadPermissionSubscriptionUpdateForAccountFromBuildTableJob();
$johnny = self::$johnny;
$this->deleteAllModelsAndRecordsFromReadPermissionTable('Account');
$account = AccountTestHelper::createAccountByNameForOwner('Third Account', $super);
Yii::app()->jobQueue->deleteAll();
sleep(1);
$parentGroup = new Group();
$parentGroup->name = 'Parent';
$this->assertTrue($parentGroup->save());
$group = new Group();
$group->name = 'Child';
$group->group = $parentGroup;
$saved = $group->save();
$this->assertTrue($saved);
$group->users->add($johnny);
$this->assertTrue($group->save());
$queuedJobs = Yii::app()->jobQueue->getAll();
$this->assertEquals(1, count($queuedJobs[5]));
$this->assertEquals('ReadPermissionSubscriptionUpdateForAccount', $queuedJobs[5][0]['jobType']);
Yii::app()->jobQueue->deleteAll();
$this->assertTrue($job->run());
$sql = "SELECT * FROM account_read_subscription order by userid";
$rows = ZurmoRedBean::getAll($sql);
$this->assertEquals(1, count($rows));
$this->assertEquals($super->id, $rows[0]['userid']);
$this->assertEquals($account->id, $rows[0]['modelid']);
$this->assertEquals(ReadPermissionsSubscriptionUtil::TYPE_ADD, $rows[0]['subscriptiontype']);
// Add permissions for parentGroup to READ account
$account->addPermissions($parentGroup, Permission::READ);
$this->assertTrue($account->save());
RedBeanModel::forgetAll();
ReadPermissionsOptimizationUtil::rebuild();
$queuedJobs = Yii::app()->jobQueue->getAll();
$this->assertEquals(1, count($queuedJobs[5]));
$this->assertEquals('ReadPermissionSubscriptionUpdateForAccountFromBuildTable', $queuedJobs[5][0]['jobType']);
Yii::app()->jobQueue->deleteAll();
$this->assertTrue($jobBasedOnBuildTable->run());
$sql = "SELECT * FROM account_read_subscription order by userid";
$rows = ZurmoRedBean::getAll($sql);
$this->assertEquals(2, count($rows));
$this->assertEquals($super->id, $rows[0]['userid']);
$this->assertEquals($account->id, $rows[0]['modelid']);
$this->assertEquals(ReadPermissionsSubscriptionUtil::TYPE_ADD, $rows[0]['subscriptiontype']);
$this->assertEquals($johnny->id, $rows[1]['userid']);
$this->assertEquals($account->id, $rows[1]['modelid']);
$this->assertEquals(ReadPermissionsSubscriptionUtil::TYPE_ADD, $rows[1]['subscriptiontype']);
// Remove permissions from parentGroup to READ account
$account->removePermissions($parentGroup, Permission::READ);
$this->assertTrue($account->save());
RedBeanModel::forgetAll();
ReadPermissionsOptimizationUtil::rebuild();
$queuedJobs = Yii::app()->jobQueue->getAll();
$this->assertEquals(1, count($queuedJobs[5]));
$this->assertEquals('ReadPermissionSubscriptionUpdateForAccountFromBuildTable', $queuedJobs[5][0]['jobType']);
Yii::app()->jobQueue->deleteAll();
$this->assertTrue($jobBasedOnBuildTable->run());
$sql = "SELECT * FROM account_read_subscription order by userid";
$rows = ZurmoRedBean::getAll($sql);
$this->assertEquals(2, count($rows));
$this->assertEquals($super->id, $rows[0]['userid']);
$this->assertEquals($account->id, $rows[0]['modelid']);
$this->assertEquals(ReadPermissionsSubscriptionUtil::TYPE_ADD, $rows[0]['subscriptiontype']);
$this->assertEquals($johnny->id, $rows[1]['userid']);
$this->assertEquals($account->id, $rows[1]['modelid']);
$this->assertEquals(ReadPermissionsSubscriptionUtil::TYPE_DELETE, $rows[1]['subscriptiontype']);
// Test parent group adding/removing
$account->addPermissions($parentGroup, Permission::READ);
$this->assertTrue($account->save());
RedBeanModel::forgetAll();
ReadPermissionsOptimizationUtil::rebuild();
$queuedJobs = Yii::app()->jobQueue->getAll();
$this->assertEquals(1, count($queuedJobs[5]));
$this->assertEquals('ReadPermissionSubscriptionUpdateForAccountFromBuildTable', $queuedJobs[5][0]['jobType']);
Yii::app()->jobQueue->deleteAll();
$this->assertTrue($jobBasedOnBuildTable->run());
$sql = "SELECT * FROM account_read_subscription order by userid";
$rows = ZurmoRedBean::getAll($sql);
$this->assertEquals(2, count($rows));
$this->assertEquals($super->id, $rows[0]['userid']);
$this->assertEquals($account->id, $rows[0]['modelid']);
$this->assertEquals(ReadPermissionsSubscriptionUtil::TYPE_ADD, $rows[0]['subscriptiontype']);
$this->assertEquals($johnny->id, $rows[1]['userid']);
$this->assertEquals($account->id, $rows[1]['modelid']);
$this->assertEquals(ReadPermissionsSubscriptionUtil::TYPE_ADD, $rows[1]['subscriptiontype']);
// Delete parent group
$parentGroup->delete();
RedBeanModel::forgetAll();
ReadPermissionsOptimizationUtil::rebuild();
$queuedJobs = Yii::app()->jobQueue->getAll();
$this->assertEquals(1, count($queuedJobs[5]));
$this->assertEquals('ReadPermissionSubscriptionUpdateForAccount', $queuedJobs[5][0]['jobType']);
Yii::app()->jobQueue->deleteAll();
//.........这里部分代码省略.........
示例12: testRegularUserControllerActionsWithElevationToModels
//.........这里部分代码省略.........
//Test userInChildRole, access to detail and edit should fail.
Yii::app()->user->userModel = $userInChildRole;
$this->setGetArray(array('id' => $task2->id));
$this->runControllerShouldResultInAccessFailureAndGetContent('tasks/default/details');
$this->setGetArray(array('id' => $task2->id));
$this->runControllerShouldResultInAccessFailureAndGetContent('tasks/default/edit');
//Test userInParentRole, access to detail and edit should fail.
Yii::app()->user->userModel = $userInParentRole;
$this->setGetArray(array('id' => $task2->id));
$this->runControllerShouldResultInAccessFailureAndGetContent('tasks/default/details');
$this->setGetArray(array('id' => $task2->id));
$this->runControllerShouldResultInAccessFailureAndGetContent('tasks/default/edit');
//clear up the role relationships between users so not to effect next assertions
$parentRole->users->remove($userInParentRole);
$parentRole->roles->remove($childRole);
$this->assertTrue($parentRole->save());
$childRole->users->remove($userInChildRole);
$this->assertTrue($childRole->save());
//create some groups and assign users to groups
Yii::app()->user->userModel = $super;
$parentGroup = new Group();
$parentGroup->name = 'AAA';
$this->assertTrue($parentGroup->save());
$childGroup = new Group();
$childGroup->name = 'BBB';
$this->assertTrue($childGroup->save());
$userInChildGroup = User::getByUsername('confused');
$userInParentGroup = User::getByUsername('nobody');
$childGroup->users->add($userInChildGroup);
$this->assertTrue($childGroup->save());
$parentGroup->users->add($userInParentGroup);
$parentGroup->groups->add($childGroup);
$this->assertTrue($parentGroup->save());
$parentGroup->forget();
$childGroup->forget();
$parentGroup = Group::getByName('AAA');
$childGroup = Group::getByName('BBB');
//Add access for the confused user to accounts and creation of accounts.
$userInChildGroup->setRight('AccountsModule', AccountsModule::RIGHT_ACCESS_ACCOUNTS);
$userInChildGroup->setRight('AccountsModule', AccountsModule::RIGHT_CREATE_ACCOUNTS);
$this->assertTrue($userInChildGroup->save());
//create account owned by super
$account3 = AccountTestHelper::createAccountByNameForOwner('testingAccountsParentGroupPermission', $super);
//Test userInParentGroup, access to details should fail.
Yii::app()->user->userModel = $userInParentGroup;
$this->setGetArray(array('id' => $account3->id));
$this->runControllerShouldResultInAccessFailureAndGetContent('accounts/default/details');
//Test userInChildGroup, access to details should fail.
Yii::app()->user->userModel = $userInChildGroup;
$this->setGetArray(array('id' => $account3->id));
$this->runControllerShouldResultInAccessFailureAndGetContent('accounts/default/details');
//give parentGroup access to READ
Yii::app()->user->userModel = $super;
$account3->addPermissions($parentGroup, Permission::READ);
$this->assertTrue($account3->save());
//Test userInParentGroup, access to details should not fail.
Yii::app()->user->userModel = $userInParentGroup;
$this->setGetArray(array('id' => $account3->id));
$this->runControllerWithNoExceptionsAndGetContent('accounts/default/details');
//Test userInChildGroup, access to details should not fail.
Yii::app()->user->userModel = $userInChildGroup;
$this->setGetArray(array('id' => $account3->id));
$this->runControllerWithNoExceptionsAndGetContent('accounts/default/details');
//create a task owned by super
$super = $this->logoutCurrentUserLoginNewUserAndGetByUsername('super');
$task3 = TaskTestHelper::createTaskWithOwnerAndRelatedAccount('taskCreatedBySuperForGroup', $super, $account3);示例13: testRegularUserControllerActionsWithElevationToModels
//.........这里部分代码省略.........
//Test userInChildRole, access to detail should fail.
Yii::app()->user->userModel = $userInChildRole;
$this->setGetArray(array('id' => $opportunity2->id));
$this->runControllerShouldResultInAccessFailureAndGetContent('opportunities/default/details');
$this->setGetArray(array('id' => $opportunity2->id));
$this->runControllerShouldResultInAccessFailureAndGetContent('opportunities/default/edit');
//Test userInParentRole, access to detail should fail.
Yii::app()->user->userModel = $userInParentRole;
$this->setGetArray(array('id' => $opportunity2->id));
$this->runControllerShouldResultInAccessFailureAndGetContent('opportunities/default/details');
$this->setGetArray(array('id' => $opportunity2->id));
$this->runControllerShouldResultInAccessFailureAndGetContent('opportunities/default/edit');
//clear up the role relationships between users so not to effect next assertions
$parentRole->users->remove($userInParentRole);
$parentRole->roles->remove($childRole);
$this->assertTrue($parentRole->save());
$childRole->users->remove($userInChildRole);
$this->assertTrue($childRole->save());
//create some groups and assign users to groups
Yii::app()->user->userModel = $super;
$parentGroup = new Group();
$parentGroup->name = 'AAA';
$this->assertTrue($parentGroup->save());
$childGroup = new Group();
$childGroup->name = 'BBB';
$this->assertTrue($childGroup->save());
$userInChildGroup = User::getByUsername('confused');
$userInParentGroup = User::getByUsername('nobody');
$childGroup->users->add($userInChildGroup);
$this->assertTrue($childGroup->save());
$parentGroup->users->add($userInParentGroup);
$parentGroup->groups->add($childGroup);
$this->assertTrue($parentGroup->save());
$parentGroup->forget();
$childGroup->forget();
$parentGroup = Group::getByName('AAA');
$childGroup = Group::getByName('BBB');
//Add access for the confused user to Opportunities and creation of Opportunities.
$userInChildGroup->setRight('OpportunitiesModule', OpportunitiesModule::RIGHT_ACCESS_OPPORTUNITIES);
$userInChildGroup->setRight('OpportunitiesModule', OpportunitiesModule::RIGHT_CREATE_OPPORTUNITIES);
$this->assertTrue($userInChildGroup->save());
//create opportunity owned by super
$opportunity3 = OpportunityTestHelper::createOpportunityByNameForOwner('testingParentGroupPermission', $super);
//Test userInParentGroup, access to details and edit should fail.
Yii::app()->user->userModel = $userInParentGroup;
$this->setGetArray(array('id' => $opportunity3->id));
$this->runControllerShouldResultInAccessFailureAndGetContent('opportunities/default/details');
$this->setGetArray(array('id' => $opportunity3->id));
$this->runControllerShouldResultInAccessFailureAndGetContent('opportunities/default/edit');
//Test userInChildGroup, access to details and edit should fail.
Yii::app()->user->userModel = $userInChildGroup;
$this->setGetArray(array('id' => $opportunity3->id));
$this->runControllerShouldResultInAccessFailureAndGetContent('opportunities/default/details');
$this->setGetArray(array('id' => $opportunity3->id));
$this->runControllerShouldResultInAccessFailureAndGetContent('opportunities/default/edit');
//give parentGroup access to READ
Yii::app()->user->userModel = $super;
$opportunity3->addPermissions($parentGroup, Permission::READ);
$this->assertTrue($opportunity3->save());
//Test userInParentGroup, access to details should not fail.
Yii::app()->user->userModel = $userInParentGroup;
$this->setGetArray(array('id' => $opportunity3->id));
$this->runControllerWithNoExceptionsAndGetContent('opportunities/default/details');
//Test userInChildGroup, access to details should not fail.
Yii::app()->user->userModel = $userInChildGroup;
$this->setGetArray(array('id' => $opportunity3->id));